Call Accounting and the WORM Mandate
Sometimes nomenclature has a way of tripping over its own feet. For years, information technology (IT) professionals feared worms, which were a breed of self-replication program that targeted computers' vulnerabilities and potentially raised havoc. Now, WORM is a potentially valuable development that has more than a few doing double-takes, particularly in call accounting. So how does this unfortunately-named protocol potentially help a business?
WORM—or Write Once Read Many—is a protocol that's being heavily encouraged by the Financial Industry Regulatory Authority (FINRA), and calls for its use in the storage of records. As the name suggests, it “prevents the alteration or destruction of records stored electronically,” which basically means that the record is written only once, but referred to many times. That's not just the case in call accounting, but throughout the firm as well.
FINRA has some significant disciplinary powers at its disposal, and failing to comply with the WORM mandate can result in substantial fines levied against an organization. FINRA isn't taking that part of the job lightly, either; just in 2016, FINRA reportedly had a hand in over $200 million in fines and restitution operations.
While some firms will take a look at the situation and see if it costs more to put in the necessary WORM mandate compliance tools in call accounting and other sectors or to just pay the fines, there are some other considerations that need to go into such a decision, particularly in terms of WORM itself. WORM is there as a kind of security measure, allowing firms to write a record only once, and make it impossible to alter.
Since part of a FINRA investigation on WORM, where a company is found to be not in compliance, includes the requirement that a plan be drafted to resolve the deficiencies found, it's likely a good idea to just cut out the middleman—and the fines—and go ahead and set up the plan anyway. If a company's under investigation for WORM mandate violation, reports suggest, the company will have to set up a program for WORM compliance anyway. It may therefore be a good idea to just go ahead and set it up now before a business is forced to. Plus, obeying a mandate like this voluntarily can be an excellent marketing tool; announcing that systems are safer than ever can be a good way to draw business depending on the field.
So for those businesses that fall under WORM mandates, it's a good idea to follow through on that mandate now rather than have the issue forced later. It's coming, one way or another, and being forced to follow it loses a lot of that market appeal.
Edited by Alicia Young